From 32396db40d42ac7d281ec1def3fd7558e4383f46 Mon Sep 17 00:00:00 2001 From: Agnes Kiss Date: Thu, 17 Aug 2023 15:49:21 +0100 Subject: [PATCH] Add more warehouses to database permissions --- .../docs/faqs/Warehouse/database-privileges.md | 4 ++-- .../databricks-permissions.md | 17 +++++++++++++++++ .../postgres-permissions.md | 18 ++++++++++++++++++ .../redshift-permissions.md | 18 ++++++++++++++++++ .../snowflake-permissions.md | 0 website/docs/reference/references-overview.md | 18 ++++++++++++++++++ website/sidebars.js | 7 ++++++- 7 files changed, 79 insertions(+), 3 deletions(-) create mode 100644 website/docs/reference/database-permissions/databricks-permissions.md create mode 100644 website/docs/reference/database-permissions/postgres-permissions.md create mode 100644 website/docs/reference/database-permissions/redshift-permissions.md rename website/docs/reference/{ => database-permissions}/snowflake-permissions.md (100%) diff --git a/website/docs/faqs/Warehouse/database-privileges.md b/website/docs/faqs/Warehouse/database-privileges.md index 73e0549f130..692b67f4e0a 100644 --- a/website/docs/faqs/Warehouse/database-privileges.md +++ b/website/docs/faqs/Warehouse/database-privileges.md @@ -12,8 +12,8 @@ schema¹ * read system views to generate documentation (i.e. views in `information_schema`) -On Postgres, Redshift, and Snowflake, use a series of `grants` to ensure that -your user has the correct privileges. +On Postgres, Redshift, Databricks, and Snowflake, use a series of `grants` to ensure that +your user has the correct privileges. Check out [example permissions](/reference/database-permissions/snowflake-permissions) for these warehouses. On BigQuery, use the "BigQuery User" role to assign these privileges. diff --git a/website/docs/reference/database-permissions/databricks-permissions.md b/website/docs/reference/database-permissions/databricks-permissions.md new file mode 100644 index 00000000000..14b24355d8a --- /dev/null +++ b/website/docs/reference/database-permissions/databricks-permissions.md @@ -0,0 +1,17 @@ +--- +title: "Databricks Permissions" +--- + +## Example Databricks permissions + +``` +-- NOTE: in general permissions can be granted on securable_objects to +principals (can be user, service principal, or group) +-- e.g.: grant privilege_type on securable_object to principal + +grant all privileges on schema schema_name to principal; +grant create table on schema schema_name to principal; +grant create view on schema schema_name to principal; +``` + +Check out the [Official Documentation](https://docs.databricks.com/en/data-governance/unity-catalog/manage-privileges/privileges.html#privilege-types-by-securable-object-in-unity-catalog) for more information. diff --git a/website/docs/reference/database-permissions/postgres-permissions.md b/website/docs/reference/database-permissions/postgres-permissions.md new file mode 100644 index 00000000000..bbab2fe5f4f --- /dev/null +++ b/website/docs/reference/database-permissions/postgres-permissions.md @@ -0,0 +1,18 @@ +--- +title: "Postgres Permissions" +--- + +## Example Postgres permissions + +``` +grant usage on database database_name to user_name; +grant create schema on database database_name to user_name; +grant usage on schema database.schema_name to user_name; +grant create table on schema database.schema_name to user_name; +grant create view on schema database.schema_name to user_name; +grant usage on all schemas in database database_name to user_name; +grant select on all tables in database database_name to user_name; +grant select on all views in database database_name to user_name; +``` + +Check out the [Official Documentation](https://www.postgresql.org/docs/current/sql-grant.html) for more information. diff --git a/website/docs/reference/database-permissions/redshift-permissions.md b/website/docs/reference/database-permissions/redshift-permissions.md new file mode 100644 index 00000000000..4c8dc59d723 --- /dev/null +++ b/website/docs/reference/database-permissions/redshift-permissions.md @@ -0,0 +1,18 @@ +--- +title: "Redshift Permissions" +--- + +## Example Redshift permissions + +``` +grant usage on database database_name to user_name; +grant create schema on database database_name to user_name; +grant usage on schema database.schema_name to user_name; +grant create table on schema database.schema_name to user_name; +grant create view on schema database.schema_name to user_name; +grant usage on all schemas in database database_name to user_name; +grant select on all tables in database database_name to user_name; +grant select on all views in database database_name to user_name; +``` + +Check out the [Official Documentation](https://docs.aws.amazon.com/redshift/latest/dg/r_GRANT.html) for more information. diff --git a/website/docs/reference/snowflake-permissions.md b/website/docs/reference/database-permissions/snowflake-permissions.md similarity index 100% rename from website/docs/reference/snowflake-permissions.md rename to website/docs/reference/database-permissions/snowflake-permissions.md diff --git a/website/docs/reference/references-overview.md b/website/docs/reference/references-overview.md index 16afd01607c..263d0f606ec 100644 --- a/website/docs/reference/references-overview.md +++ b/website/docs/reference/references-overview.md @@ -54,4 +54,22 @@ Learn how to add more configurations to your dbt project or adapter, use propert link="/reference/snowflake-permissions" icon="computer"/> + + + + + + diff --git a/website/sidebars.js b/website/sidebars.js index e319f4d49bf..5a527e1a06c 100644 --- a/website/sidebars.js +++ b/website/sidebars.js @@ -871,7 +871,12 @@ const sidebarSettings = { { type: "category", label: "Database Permissions", - items: ["reference/snowflake-permissions"], + items: [ + "reference/database-permissions/snowflake-permissions", + "reference/database-permissions/databricks-permissions", + "reference/database-permissions/redshift-permissions", + "reference/database-permissions/postgres-permissions", + ], }, ], guides: [